Commit e6f2f381 authored by Ondrej Mosnacek's avatar Ondrej Mosnacek Committed by Paul Moore

selinux: replace BUG_ONs with WARN_ONs in avc.c

These checks are only guarding against programming errors that could
silently grant too many permissions. These cases are better handled with
WARN_ON(), since it doesn't really help much to crash the machine in
this case.
Signed-off-by: default avatarOndrej Mosnacek <omosnace@redhat.com>
Reviewed-by: default avatarStephen Smalley <sds@tycho.nsa.gov>
Signed-off-by: default avatarPaul Moore <paul@paul-moore.com>
parent fede1483
...@@ -1059,7 +1059,8 @@ int avc_has_extended_perms(struct selinux_state *state, ...@@ -1059,7 +1059,8 @@ int avc_has_extended_perms(struct selinux_state *state,
int rc = 0, rc2; int rc = 0, rc2;
xp_node = &local_xp_node; xp_node = &local_xp_node;
BUG_ON(!requested); if (WARN_ON(!requested))
return -EACCES;
rcu_read_lock(); rcu_read_lock();
...@@ -1149,7 +1150,8 @@ inline int avc_has_perm_noaudit(struct selinux_state *state, ...@@ -1149,7 +1150,8 @@ inline int avc_has_perm_noaudit(struct selinux_state *state,
int rc = 0; int rc = 0;
u32 denied; u32 denied;
BUG_ON(!requested); if (WARN_ON(!requested))
return -EACCES;
rcu_read_lock(); rcu_read_lock();
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment